Page 1 of 1
Best method to return user after they login.
Posted: Fri Dec 04, 2009 9:33 am
by tuxiow
Hi guys,
What is the best method to return a user to the page they where on after they have logged in?
Thanks all.
Regards Paul
Re: Best method to return user after they login.
Posted: Fri Dec 04, 2009 10:35 am
by AbraCadaver
Well, you can try redirecting back to $_SERVER['HTTP_REFERER'] but that isn't always set. So on each page in your site (except the login page) you can set a session var for the current page. Then on the login page you have that var that was set on the previous page.
-Shawn
Re: Best method to return user after they login.
Posted: Fri Dec 04, 2009 3:53 pm
by pickle
That only works if cookies & sessions are being used. I've seen some login pages that have "&return=/page/from/whence/the/user/came" in the URL. The login page can then read that from $_GET & redirect the user back.
Re: Best method to return user after they login.
Posted: Fri Dec 04, 2009 4:15 pm
by AbraCadaver
pickle wrote:That only works if cookies & sessions are being used. I've seen some login pages that have "&return=/page/from/whence/the/user/came" in the URL. The login page can then read that from $_GET & redirect the user back.
Good luck logging people in and maintaining some sort of state to tell if people are logged in or not without using sessions

You can use sessions without cookies, but you can't "log someone in" and keep their "logged in" state securely without using sessions.
Well, I guess you could append their username or id and a strong hash of their password (assuming the same hash is stored in the DB or whatever) to every link and form action, etc...on every page in your site/app after they log in, but that would be ridiculous!
Re: Best method to return user after they login.
Posted: Mon Dec 07, 2009 3:21 pm
by tuxiow
Thanks for the advice guys. This is what I have come up with.
I have used this little function I found after some googling.
Code: Select all
<?php
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
?>
I saved it as getURL.php and included it in my page...
I then declared a variable from the function and then set it as a session so it can be picked back up as required.....
Code: Select all
session_start();
$returnURL = curPageURL();
$_SESSION['returnURL'] = $returnURL;
Do you think this is okay or is there a better way.
Regards, Paul